Should we allow staff to use their own devices, and how do we ensure they are secure?
|Answered by Mark Hofman, Chief Technology Officer, CyberCX|
BYOD, or ‘bring-your-own-device,’ is increasingly common, particularly with the shift to remote work. It is always preferable that staff are given work laptops that they can take home to use. However, the reality is that sometimes staff will access corporate systems through their own computers or mobile devices.
The difficulty with personal devices is that they may not be configured with sufficient cyber security protections in place. This will make it very difficult for your IT team to maintain visibility and ensure the devices are maintained correctly.
If staff must use a personal device, one option is to require the installation of Mobile Device Management (MDM) technology. This helps separate your organisation’s data from their personal information. You will also gain the ability to remotely manage your organisation’s data on the device.
Another measure you can take is to install Network Access Control (NAC) software on personal devices. This will allow you to maintain greater visibility over device usage via endpoint assessments.
One of the most important measures you can take is to ensure devices have Full Disk Encryption. This encrypts the entire hard drive of the device and applies to all files, data, software and operating systems.
It should be a requirement that staff install the latest software updates and patches on their devices. This may require ongoing training and periodic reviews to ensure updates are not neglected or forgotten.
If BYOD devices cannot comply, then perhaps a virtual desktop environment or published applications are an option. However, these may rapidly run out of capacity due to the increased number of users.
View our 5 easy steps to improve your cyber resilience.